Plugin/Theme: enable-svg-webp-ico-upload Version: 1.1.2 File: class-svg.php Last Update: 12 months ago Developer: ideastocode Key Vulnerability Information Functionality: Processes and sanitizes SVG files during uploads. Sanitization: Uses to sanitize SVGs. Error Handling: Error message if SVG sanitization fails: "Sorry, the SVG file could not be sanitized." Validation: Checks and validates SVG files using and MIME types. Media Integration: Displays sanitized SVGs in the WordPress Media Library and adds custom styles for SVGs in the admin interface. Potential Vulnerabilities SVG Sanitization: May not fully sanitize all potential malicious content if the sanitization library ( ) is not robust. MIME Type Check: Relies on MIME type checking which can be bypassed if an attacker crafts an SVG with a different extension or content. Content Handling: Potential for handling errors during file operations (e.g., reading, sanitizing, saving) that could be exploited.